We provide business services to the financial services community in general, including providers, intermediaries and third party suppliers. Our business services include online training and competence tools, training, compliance and strategic consultancy.
At Competent Adviser we respect the privacy of users of our services and our business clients and we are committed to protecting personal data. This statement sets out how we handle data that identifies individuals and about individuals’ rights and how the law protects you.
If you have questions or concerns regarding this statement, please contact us and we will endeavour to help.
The website is not intended for children and we do not knowingly collect data relating to children.
Once a user has been registered on our websites, these provide access to online training and competency tools. We also provide other products and services that are not delivered online including strategic and compliance consultancy and training. Personal data or personal information means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
The type of personal data that we might hold about users are: name, contact information (including email address), telephone numbers, and usage data (about how our services are used). If a user uses our training, software or consultancy services, we might also collect details of a users’ education and skills. We may also hold business information such as the name of a user’s employer, job title, employer’s address, email address, telephone and fax number. We do not collect any special category of personal data (including religious beliefs, political opinions, etc).
Our website collects personal data about users whose details are provided to us by those individual users or our client businesses, for the purposes of registering users for undertaking online training and use of our competency tools. We therefore process users’ personal data on behalf of our client businesses who wish users to undertake such online training and use our competency tools. Our client businesses are therefore the data controller of users’ personal data and we act as a data processor on their behalf. As a data processor of users’ information, we only process users’ personal data in accordance with instructions from the data controller. Details of an individual users’ records will therefore be kept within our platform which operates the website and will be shared only with the applicable client business that has provided us with a users’ personal data for processing on their behalf. Our website is operated by us and a users’ personal data will not be shared with any other third party, although we do use a separate hosting provider to host the website for us, which is based in the European Economic Area.
We store this data within our systems so that this is accessible by our client businesses, and in accordance with the instructions provided by them, which will also reflect the relevant regulatory authorities’ requirements for certain data retention. This is subject to users’ rights as a data subject, which our client businesses will confirm to users as the data controller.
We have an appointed a data protection officer who is our point of contact for data protection queries. They can be contacted by emailing firstname.lastname@example.org
Our website learning materials includes links to many third party web service providers including associations, bodies and non-governmental organisations, such as HMRC and the Financial Conduct Authority.
We collect information about you for the following purposes:
If we were to use your personal data for a new purpose, we would let you know let you know what legal basis we were relying on to do this and where relevant, obtain your consent to do this.
We want to make sure that the personal information we hold is accurate and current. Please keep us informed (through the data controller client businesses) if your personal data changes whilst we hold this on their behalf.
We do not market to individuals in a personal capacity, only businesses or people for the benefit of our services in a professional capacity.
Where we market to our client businesses, we do so on the basis that we have already provided you with services previously and we think other goods and services may be of interest to you, or where we haven’t provided such services to you, because we have a legitimate interest in promoting our business and we think this would be of benefit to you. However, where we have not provided you with services previously, we will obviously consider whether our contacting you about our services is in your best interests. Our most common marketing method is via email or telephone.
We collect information about you in a number of ways:
We only use personal data when the law allows us to and specifically where:
We do not transfer personal data outside of the European Economic Area.
We do not disclose personal data to other organisations. Where you may provide your personal data to us for us to contact you about our services, then we will contact you in the manner applicable to the type of contact information you have provided to us.
We will only use personal data that we hold for the purposes for which it was collected, unless required by law.
We are committed to protecting the security of personal information. We use a variety of security technologies and procedures to help protect personal information from unauthorized access, use or disclosure. For example, we store personal information provided to us in computer servers with limited access that are located in controlled facilities.
We have implemented security policies, rules and technical measures to protect the personal data that we have under our control from:
All our employees and data processors that have access to, and are associated with the processing of personal data, are obliged to respect the confidentiality of our visitors’ personal data.
Under certain circumstances, you have rights under data protection laws in relation to your personal data. Where we are acting as a data processor on behalf of our data controller clients, then you should contact that data controller to discuss your rights. However, where we hold information about individuals for whom we are the data controller, then you have the following rights:
If we act as the data controller and if you wish to exercise any of the rights set out above, then please contact us on the details set out below.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us to confirm your identity and ensure your right to access your personal data (or exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response. We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
The Information Commissioner Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF, UK www.informationcommissioner.gov.uk
Competent Adviser Limited: